Lucene search
K

662 matches found

securityvulns
securityvulns
added 2009/11/17 12:0 a.m.36 views

GIMP integer overflow

Integer overflow on .BPM, .PSD files parsing...

9.3CVSS4.9AI score0.08689EPSS
Exploits2References2Affected Software1
securityvulns
securityvulns
added 2008/08/07 12:0 a.m.81 views

CA Products That Embed Ingres Multiple Vulnerabilities

Title: CA Products That Embed Ingres Multiple Vulnerabilities CA Advisory Date: 2008-08-01 Reported By: iDefense Labs Impact: A remote attacker can execute arbitrary code, gain privileges, or cause a denial of service condition. Summary: CA products that embed Ingres contain multiple...

7.2CVSS7.8AI score0.00444EPSS
Exploits1
NVD
NVD
added 2008/03/17 4:44 p.m.20 views

CVE-2008-1342

Multiple cross-site scripting XSS vulnerabilities in the search feature in Polymita BPM-Suite and CollagePortal allow remote attackers to inject arbitrary web script or HTML via the 1 q and 2 luceneindexfieldvalue parameters. NOTE: the provenance of this information is unknown; the details are...

4.3CVSS5.7AI score0.00855EPSS
Exploits0References1
Prion
Prion
added 2008/03/17 4:44 p.m.14 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the search feature in Polymita BPM-Suite and CollagePortal allow remote attackers to inject arbitrary web script or HTML via the 1 q and 2 luceneindexfieldvalue parameters. NOTE: the provenance of this information is unknown; the details are...

4.3CVSS6AI score0.00855EPSS
Exploits0References1
Cvelist
Cvelist
added 2008/03/17 4:0 p.m.24 views

CVE-2008-1342

Multiple cross-site scripting XSS vulnerabilities in the search feature in Polymita BPM-Suite and CollagePortal allow remote attackers to inject arbitrary web script or HTML via the 1 q and 2 luceneindexfieldvalue parameters. NOTE: the provenance of this information is unknown; the details are...

5.7AI score0.00855EPSS
Exploits0References1
CVE
CVE
added 2008/03/17 4:0 p.m.41 views

CVE-2008-1342

CVE-2008-1342 affects the search feature in Polymita BPM-Suite and CollagePortal . The vulnerabilities are described as cross-site scripting (XSS) weaknesses that allow remote attackers to inject arbitrary web script or HTML via the parameters _q and lucene_index_field_value . The sources consist...

4.3CVSS5.7AI score0.00855EPSS
Exploits0References1Affected Software2
Prion
Prion
added 2007/12/21 7:46 p.m.17 views

Code injection

Unspecified vulnerability in Appian Enterprise Business Process Management BPM Suite 5.6 SP1 allows remote attackers to cause a denial of service via a crafted packet to port 5400/tcp...

7.8CVSS7AI score0.55173EPSS
Exploits2References5Affected Software1
NVD
NVD
added 2007/12/21 7:46 p.m.19 views

CVE-2007-6509

Unspecified vulnerability in Appian Enterprise Business Process Management BPM Suite 5.6 SP1 allows remote attackers to cause a denial of service via a crafted packet to port 5400/tcp...

7.8CVSS6.5AI score0.55173EPSS
Exploits2References5
Cvelist
Cvelist
added 2007/12/21 7:0 p.m.21 views

CVE-2007-6509

Unspecified vulnerability in Appian Enterprise Business Process Management BPM Suite 5.6 SP1 allows remote attackers to cause a denial of service via a crafted packet to port 5400/tcp...

6.5AI score0.55173EPSS
Exploits2References5
CVE
CVE
added 2007/12/21 7:0 p.m.44 views

CVE-2007-6509

CVE-2007-6509 affects Appian Enterprise BPM Suite 5.6 SP1. The vulnerability is described as an unspecified remote denial of service caused by sending a crafted packet to port 5400/tcp. The connected documents confirm a DoS exploit context (e.g., Metasploit module and PoC references), but no patc...

7.8CVSS6.5AI score0.55173EPSS
Exploits2References5Affected Software1
securityvulns
securityvulns
added 2007/12/21 12:0 a.m.31 views

Appian Enterprise Business Process Management Suite DoS

Application hang on malformed TCP/5400 packet...

2.1AI score
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2005/06/21 4:0 a.m.18 views

CVE-2002-1780

BPM Studio Pro 4.2 by ALCATech GmbH includes a webserver that allows a remote attacker to cause a denial of service crash by sending a URL request for a MS-DOS device such as con. NOTE: it has been disputed that this and possibly other application-level DOS device issues stem from a bug in Window...

6.7AI score0.01574EPSS
Exploits0References3
CVE
CVE
added 2005/06/21 4:0 a.m.40 views

CVE-2002-1780

BPM Studio Pro 4.2 by ALCATech GmbH includes a webserver that enables a remote attacker to cause a denial of service (crash) by sending a URL request for a MS-DOS device such as con. The note indicates that some of these application-level DOS device issues may stem from a Windows bug, and the pro...

5CVSS7.1AI score0.01574EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2002/12/31 5:0 a.m.14 views

CVE-2002-1780

BPM Studio Pro 4.2 by ALCATech GmbH includes a webserver that allows a remote attacker to cause a denial of service crash by sending a URL request for a MS-DOS device such as con. NOTE: it has been disputed that this and possibly other application-level DOS device issues stem from a bug in Window...

5CVSS6.7AI score0.01574EPSS
Exploits0References3
NVD
NVD
added 2002/06/25 4:0 a.m.18 views

CVE-2002-0331

Directory traversal vulnerability in the HTTP server for BPM Studio Pro 4.2 allows remote attackers to read arbitrary files via a .. dot dot in the HTTP request...

5CVSS6.7AI score0.02852EPSS
Exploits1References3
CVE
CVE
added 2002/05/03 4:0 a.m.52 views

CVE-2002-0331

CVE-2002-0331 describes a directory traversal vulnerability in the HTTP server of BPM Studio Pro 4.2, enabling remote attackers to read arbitrary files by using a dot-dot sequence in the HTTP request. Per the provided records, the impact is listed as confidentiality: none , integrity: partial , a...

5CVSS7.1AI score0.02852EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2002/05/03 4:0 a.m.16 views

CVE-2002-0331

Directory traversal vulnerability in the HTTP server for BPM Studio Pro 4.2 allows remote attackers to read arbitrary files via a .. dot dot in the HTTP request...

6.7AI score0.02852EPSS
Exploits1References3
securityvulns
securityvulns
added 2002/02/28 12:0 a.m.38 views

Многочисленные ошибки в BPM Studio (multiple bugs)

Доступ к специальным устройствам, обратный путь в каталогах...

0.6AI score
Exploits0References2Affected Software1
securityvulns
securityvulns
added 2002/02/28 12:0 a.m.33 views

BPM STUDIO PRO 4.2 DOS DEVICE PATH VULNERABILITY

Hi Bugtraq !! BPM STUDIO PRO 4.2 is one of the most famous mp3 mixer and player and it has an http server implementation for manage the player via the web browser. Unfortunatly, when you perform a simple http request like: http://BPM-HOST/con/con you can crash instantly non-patched Win9x host wit...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2002/02/28 12:0 a.m.21 views

BPM STUDIO PRO 4.2 DIRECTORY ESCAPE VULNERABILITY

Hi bugtraq again... Now i' ve found another vulnerability in BPM STUDIO PRO 4.2 http server implementation. Anyone can download any file in some host running this software simply like performing this http request : http://BPM-HOST/../../../../autoexec.bat http server is not activated by default...

0.4AI score
Exploits0
Rows per page
Query Builder